<![CDATA[[SecurityRatty] tag: mandiant]]> http://securityratty.com/tag/mandiant Wed, 26 Dec 2007 08:54:00 +0000 iRatty Engine http://blogs.law.harvard.edu/tech/rss <![CDATA[Darn Good Idea ... If Done Well]]> http://securityratty.com/article/2c9abb3c29fb2916c057241cbd14d900 http://securityratty.com/article/2c9abb3c29fb2916c057241cbd14d900 here)

Somebody, somewhere is thinking ...

In any case, "free is in" :-) Look at all the announcements (NetWitness, Mandiant, this) as well as "the original free."
About me: http://www.chuvakin.org
]]> Wed, 19 Nov 2008 11:30:00 +0000 free original free log management data centers compliance product mandiant netwitness visibility org Darn Good Idea ... If Done Well <![CDATA[Malware analysis tools]]> http://securityratty.com/article/fb65a2d4609cbcefc5bdbbb91ee3d8c8 http://securityratty.com/article/fb65a2d4609cbcefc5bdbbb91ee3d8c8 The Malcode Analysis Software Tools from iDefense Labs are extremely useful. toolsmith featured the suite in the July 2007 column.
API-Logger can be used as a standalone tool or you can run the .exe through SysAnalyzer which includes API-Logger output.
Other important pieces in my sandbox included VMWare Server (Linux host, Windows VMs), PE Explorer, RAPIER 3.2, Wireshark, Mandiant Red Curtain (MRC), and the Systinternals tools.
Check the toolsmith page for articles on Wireshark, MRC, and RAPIER use as well.
Required reading from the "The Godfather of RE", Lenny Zeltser, includes his Reverse Engineering Malware paper.
Malware analysis tools at del.icio.us Digg Malware analysis tools ]]> Wed, 26 Dec 2007 08:54:00 +0000 tools api-logger includes api-logger output includes malware analysis toolsmith page toolsmith mandiant red curtain systinternals tools Malware analysis tools